Cisco Talos Intelligence Blog

March 31, 2022 18:03

Threat Advisory: Spring4Shell

UPDATE, APRIL 4, 2022: The Kenna Risk Score for CVE-2022-22965 is currently at maximum 100. This is an exceptionally rare score, of which only 415 out of 184,000 CVEs (or 0.22 percent) have achieved, reflecting the severity and potential effects of this vulnerability. To get a r

March 24, 2022 12:03

Threat Advisory: DoubleZero

This post is also available in: Українська (Ukrainian) Overview The Computer Emergency Response Team of Ukraine released an advisory on March 22, 2022 disclosing another wiper dubbed "DoubleZero" targeting Ukrainian enterprises during Russia's invasion of the country. This wi

March 14, 2022 08:03

Threat Advisory: Opportunistic cyber criminals take advantage of Ukraine invasion

By Edmund Brumaghin, with contributions from Jonathan Byrne, Perceo Lemos and Vasileios Koutsoumpogeras. This post is also available in: 日本語 (Japanese) Українська (Ukrainian) Executive Summary * Since the beginning of the war in Ukraine, we have observed threat actors usin

March 3, 2022 15:03

Current executive guidance for ongoing cyberattacks in Ukraine

This post is also available in: 日本語 (Japanese) Українська (Ukrainian) Cyber threat activity against Ukraine, and around the world, has long been a central focus of our work. We continue to monitor the Ukraine-Russia situation by enacting a comprehensive, Talos-wide effort to p

March 1, 2022 19:03

Crowd-sourced attacks present new risk of crisis escalation

This post is also available in: 日本語 (Japanese) * An unpredictable and largely unknown set of actors present a threat to organizations, despite their sometimes unsophisticated techniques. Customers who are typically focused on top-tier, state-sponsored attacks should remain awa

February 24, 2022 17:02

Talos on the developing situation in Ukraine

This post is also available in: 日本語 (Japanese) Українська (Ukrainian) In the last month, Talos has seen a shift in activity in response to the unjust invasion of Ukraine. This post is meant to serve as our executive overview of the situation and provide you with the most up-to

February 24, 2022 15:02

Threat Advisory: Cyclops Blink

Update Mar. 17, 2022 Today, Asus released a product security advisory listing their products affected by Cyclops Blink. While the investigation is currently ongoing, this advisory provides guidance on taking necessary precautions via a checklist for the affected product versions

February 24, 2022 15:02

Threat Advisory: HermeticWiper

This post is also available in: 日本語 (Japanese) Українська (Ukrainian) Update: March 1, 2022 Cisco Talos is aware of reporting related to additional components discovered to be associated with ongoing HermeticWiper attacks. These additional components include: * HermeticWiz

December 10, 2021 14:12

Threat Advisory: Critical Apache Log4j vulnerability being exploited in the wild

Update History DateDescription of UpdatesDec. 20, 2021 Additional coverage and IOCs; additional detection capabilities for customers via Cisco Global Threat Alerts. Dec. 18, 2021 Additional mitigation guidance; updated coverage information. Dec. 17, 2021 Added additional vulner